Re: Vulnerability scanners

From: Nicolas Gregoire (ngregoire@exaprobe.com)
Date: Thu Mar 27 2003 - 17:18:53 EST

• Next message: Paris Stone: "Re: Vulnerability scanners"
• Previous message: Alex Russell: "Re: Vulnerability scanners"
• In reply to: Jeff Williams @ Aspect: "Re: Vulnerability scanners"
• Next in thread: R. DuFresne: "Re: Vulnerability scanners"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, 2003-03-27 at 19:58, Jeff Williams @ Aspect wrote:
> Let's assume that you're talking about 256 IPs (based on Qualys' published
> pricing), and you want to scan weekly. That's at least a day a week of
> effort for someone (probably more to generate a very nice report and
> summaries).

Using Nessus with differential scanning, you can weekly scan 256 IPs and
analyse the report (in a normal production mode) in less than 1 or 2
hours. Just make a full scan every month to be sure that everything is
re-checked, and that's all ...

By the way, you can use the differential report to be sure that there's
some progress in the internal patching process.

Regards,

-- 
Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
ngregoire@exaprobe.com ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F  FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F

• application/pgp-signature attachment: This is a digitally signed message part

• Next message: Paris Stone: "Re: Vulnerability scanners"
• Previous message: Alex Russell: "Re: Vulnerability scanners"
• In reply to: Jeff Williams @ Aspect: "Re: Vulnerability scanners"
• Next in thread: R. DuFresne: "Re: Vulnerability scanners"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:31 EDT